-
Notifications
You must be signed in to change notification settings - Fork 138
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
30 changed files
with
426 additions
and
74 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,71 @@ | ||
# Kunyu Serverless HOSTS碰撞配置 | ||
|
||
首先进入配置云函数界面,选择自定义创建,执行环境选为Python3.6,地域都可以,当然针对中国的目标最好选为国内的位置,函数名称任意 | ||
|
||
![](../images/serverless_1.png) | ||
|
||
填入函数代码,具体代码如下: | ||
|
||
![](../images/serverless_2.png) | ||
|
||
```python | ||
# -*- coding: utf8 -*- | ||
import requests | ||
|
||
def main_handler(event, context): | ||
headers=event["headers"] | ||
ip = headers["ip"] | ||
header_new={ | ||
"Host":headers["hosts"], | ||
"User-Agent":headers["user-agent"], | ||
"Accept-Encoding": "gzip, deflate", | ||
"Accept-Language": "zh-CN,zh;q=0.9,ko;q=0.8", | ||
"Connection":"close" | ||
} | ||
try: | ||
r = requests.get(ip,headers=header_new,timeout=10,verify=False) | ||
if r.status_code == 200: | ||
r.encoding = "gbk2312" | ||
return r.text | ||
except Exception as err: | ||
print(err) | ||
|
||
return False | ||
``` | ||
|
||
在高级配置中,执行超时时间设置为10秒,如果超时时间默认时较小,可能导致返回失败请求结果。 | ||
|
||
![](../images/serverless_3.png) | ||
|
||
创建触发器,具体配置如下,注意关闭集成响应。 | ||
|
||
![](../images/serverless_4.jpg) | ||
|
||
编辑API配置的路径为/,然后点击立即完成 | ||
|
||
![](../images/serverless_5.png) | ||
|
||
配置成功后获取到API网关域名如图: | ||
|
||
![](../images/serverless_6.png) | ||
|
||
两个任选其一即可,复制出来并进行初始化操作。 | ||
|
||
**命令:** | ||
|
||
``` | ||
kunyu init --serverless "API网关地址" | ||
``` | ||
|
||
然后正常进行HOSTS爆破功能即可。 | ||
|
||
![](../images/serverless_7.png) | ||
|
||
**示例:** | ||
|
||
![](../images/serverless_8.png) | ||
|
||
**态势感知效果:** | ||
|
||
![](../images/serverless.png) | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,72 @@ | ||
# Kunyu Serverless HOSTS collision configuration | ||
|
||
First enter the configuration cloud function interface, select custom creation, the execution environment is Python 3.6, the region is fine, of course, it is best to choose the domestic location for the goal of China, and the function name is arbitrary | ||
|
||
![](../images/serverless_1.png) | ||
|
||
Fill in the function code, the specific code is as follows: | ||
|
||
![](../images/serverless_2.png) | ||
|
||
```python | ||
# -*- coding: utf8 -*- | ||
import requests | ||
|
||
def main_handler(event, context): | ||
headers=event["headers"] | ||
ip = headers["ip"] | ||
header_new={ | ||
"Host":headers["hosts"], | ||
"User-Agent":headers["user-agent"], | ||
"Accept-Encoding": "gzip, deflate", | ||
"Accept-Language": "zh-CN,zh;q=0.9,ko;q=0.8", | ||
"Connection":"close" | ||
} | ||
try: | ||
r = requests.get(ip,headers=header_new,timeout=10,verify=False) | ||
if r.status_code == 200: | ||
r.encoding = "gbk2312" | ||
return r.text | ||
except Exception as err: | ||
print(err) | ||
|
||
return False | ||
``` | ||
|
||
In the advanced configuration, the execution timeout time is set to 10 seconds. If the timeout time is small by default, it may cause the failed request result to be returned. | ||
|
||
![](../images/serverless_3.png) | ||
|
||
Create a trigger, the specific configuration is as follows, pay attention to close the integrated response. | ||
|
||
![](../images/serverless_4.jpg) | ||
|
||
Edit the path of the API configuration to /, and then click Finish now | ||
|
||
![](../images/serverless_5.png) | ||
|
||
After the configuration is successful, the domain name of the API gateway is obtained as shown in the figure: | ||
|
||
![](../images/serverless_6.png) | ||
|
||
![](../images/serverless_6.png) | ||
|
||
You can choose one of the two, copy it out and initialize it. | ||
|
||
**Order:** | ||
|
||
``` | ||
kunyu init --serverless "API gateway address" | ||
``` | ||
|
||
Then perform the HOSTS blasting function normally. | ||
|
||
![](../images/serverless_7.png) | ||
|
||
**Example:** | ||
|
||
![](../images/serverless_8.png) | ||
|
||
**Situational Awareness Effect:** | ||
|
||
![](../images/serverless.png) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
# -*- coding: utf8 -*- | ||
import requests | ||
|
||
def main_handler(event, context): | ||
headers=event["headers"] | ||
ip = headers["ip"] | ||
header_new={ | ||
"Host":headers["hosts"], | ||
"User-Agent":headers["user-agent"], | ||
"Accept-Encoding": "gzip, deflate", | ||
"Accept-Language": "zh-CN,zh;q=0.9,ko;q=0.8", | ||
"Connection":"close" | ||
} | ||
try: | ||
r = requests.get(ip,headers=header_new,timeout=10,verify=False) | ||
if r.status_code == 200: | ||
r.encoding = "gbk2312" | ||
return r.text | ||
except Exception as err: | ||
print(err) | ||
|
||
return False |
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -15,7 +15,7 @@ | |
__python_version__ = sys.version.split()[0] | ||
__platform__ = platform.platform() | ||
__url__ = "https://github.com/knownsec/Kunyu" | ||
__version__ = '1.6.1' | ||
__version__ = '1.6.2' | ||
__author__ = '风起' | ||
__Team__ = 'KnownSec 404 Team' | ||
__author_email__ = '[email protected]' | ||
|
@@ -35,7 +35,6 @@ | |
kunyu is Cyberspace Search Engine auxiliary tools | ||
{{datil}} | ||
""".format(version=__version__, url=__url__) | ||
|
||
__help__ = """ | ||
|
@@ -65,4 +64,5 @@ | |
kunyu init --username "[email protected]" --password "P@ssword" | ||
kunyu init --seebug "012345200157abcdef981bcc89a1452c34d62b8c" | ||
kunyu init --apikey "01234567-acbd-0000" --seebug "a73503200157" (recommend) | ||
kunyu init --serverless "https://service-xxxxx-xxxxxxx.sh.apigw.tencentcs.com:443" | ||
""" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.